Skip to main content

Passkeys FAQ – Everything You Need to Know

Here are answers to common questions about passkeys.

Nosa O avatar
Written by Nosa O
Updated over 2 months ago

Here are answers to common questions about passkeys on Kuda Business. This comprehensive FAQ will help you understand how passkeys work, their benefits, and how to use them effectively with your Kuda Business account.

General Questions

What is a passkey?

A passkey is a new way to sign in without passwords. It uses your fingerprint, Face ID, or device PIN to log you in securely. Passkeys are designed to replace traditional passwords with a more secure and convenient authentication method.

Developed by the FIDO Alliance in collaboration with Apple, Google, and Microsoft, passkeys use advanced cryptography to protect your account while making the login process simpler and faster.

How does a passkey work?

Instead of a password, your phone or computer creates and stores a secret key (private key) for your account. When you log in, your device confirms it's really you using biometrics or a PIN, then uses this private key to authenticate you without sending any sensitive information to Kuda Business servers.

Technically, passkeys work through public key cryptography:

  1. Your device generates a unique public-private key pair during setup

  2. The private key stays securely on your device

  3. The public key is stored on Kuda Business servers

  4. When logging in, your device signs a challenge using your private key

  5. Kuda Business verifies this signature using your public key

Why should I use a passkey?

There are several compelling reasons to use passkeys for your Kuda Business account:

  • No passwords to remember – No more creating, remembering, or resetting complex passwords

  • More secure – Passkeys can't be stolen or hacked like passwords and are resistant to phishing attacks

  • Faster logins – Just use your fingerprint, Face ID, or PIN for quick authentication

  • Works on all devices – Syncs across Android, iPhone, and computers through cloud services

  • Built-in multi-factor security – Combines something you have (your device) with something you are (biometrics) or know (PIN)

Is a passkey the same as biometric login?

No, they're not the same, though they're related. Biometric login (using your fingerprint or face) is just one part of how you use a passkey.

The key differences:

  • Biometric login only works on one device and is primarily a way to unlock your device or apps

  • Passkeys can be synced across multiple devices through cloud services

  • Passkeys use public key cryptography for enhanced security

  • Passkeys verify both your identity AND the website/app you're logging into, preventing phishing

Your biometrics (fingerprint, face data) are only stored locally on your device and are never sent to Kuda Business servers. They're simply used to unlock your passkey.

Setup and Usage Questions

How do I set up a passkey?

Setting up a passkey on Kuda Business is straightforward:

  1. Open the Kuda Business app and enter your email address

  2. Tap "Create A Passkey" when prompted

  3. Authenticate using your device's biometrics (fingerprint/face) or PIN

  4. Your passkey is now created and saved on your device

For detailed instructions specific to your device type, please refer to our [Setting Up Passkeys on Kuda Business] guide.

Can I use my passkey on another device?

Yes! Passkeys can be used across multiple devices in several ways:

  1. Automatic Syncing: If your passkey is saved in the cloud (Google Password Manager for Android or iCloud Keychain for iPhone), it will automatically sync to your other devices using the same account.

  2. Cross-Device Authentication: You can use your existing device with a passkey to authenticate on a new device:

    • On the new device, enter your email address

    • Select "Sign in with Another Device"

    • Scan the QR code with your existing device

    • Authenticate on your existing device

    • You'll be signed in on the new device and can create a passkey there

  3. Web to Mobile: If you've created a passkey on the web, you can add it to your mobile device by scanning a QR code.

Do I need an internet connection to use a passkey?

No! Once your passkey is set up on your device, you can use it to log in to the Kuda Business app without an internet connection. The authentication happens locally on your device.

However, you will need an internet connection for:

  • Initial passkey setup

  • Syncing passkeys across devices

  • Completing transactions within the Kuda Business app after login

Can I share my passkey with someone else?

No. Passkeys are personal and tied to your device. They cannot be shared with others. If someone else needs access to your Kuda Business account, they should:

  1. Create their own Kuda Business account

  2. Use the appropriate business account sharing features within Kuda Business

  3. Set up their own passkey on their device

Sharing passkeys would compromise the security benefits they provide. For business accounts requiring multiple users, Kuda Business offers proper user management features with individual authentication.

Security Questions

Can someone steal my passkey?

No. Passkeys are designed with security as a primary focus:

  1. Device-Bound: Passkeys stay securely on your device and in your password manager (Google Password Manager or iCloud Keychain)

  2. Biometric Protection: Access to your passkey requires your fingerprint, face, or device PIN

  3. Phishing-Resistant: Passkeys only work on the legitimate Kuda Business website/app, not on fraudulent sites

  4. No Server Storage: The private key component of your passkey never leaves your device

Even if someone steals your phone, they would need your biometrics or device PIN to use your passkey.

How secure are passkeys compared to passwords?

Passkeys are significantly more secure than traditional passwords for several reasons:

  1. No Shared Secrets: Unlike passwords, which can be stolen and reused, passkeys use cryptographic keys that never share the secret component

  2. Phishing Protection: Passkeys verify both the user AND the website/app, preventing use on fraudulent sites

  3. No Password Database: Kuda Business only stores public keys, which cannot be used to impersonate you even if servers are breached

  4. Unique Per Site: Each passkey is unique to a specific service, eliminating the risks of password reuse

  5. Multi-Factor By Design: Passkeys combine something you have (device) with something you are (biometrics) or know (PIN)

Security experts widely consider passkeys to be the most significant improvement to authentication security in decades.

What happens if someone gets access to my device?

If someone gains physical access to your unlocked device, they could potentially access your Kuda Business account. However, several protections are in place:

  1. Biometric Requirement: They would still need your fingerprint, face, or device PIN to use your passkey

  2. Device Timeout: Your device will lock automatically after a period of inactivity

  3. Remote Locking: You can remotely lock or wipe your device if it's lost or stolen

To maximize security:

  • Always use a strong device PIN

  • Set a short auto-lock timeout on your device

  • Enable remote find/lock/erase features (Find My for iOS, Find My Device for Android)

  • Log out of your Kuda Business app when not in use

Are my biometrics stored on Kuda's servers?

No. Your biometric data (fingerprints, facial recognition data) never leaves your device. When you use a passkey:

  1. Your biometrics are checked locally on your device

  2. If verified, your device uses your private key to sign the authentication challenge

  3. Only the cryptographic signature is sent to Kuda Business servers, not your biometric data

Kuda Business has no access to your biometric information at any point in the process. This design ensures your biometric data remains private and secure on your personal device.

Device Management Questions

What happens if I lose my phone?

If you lose your phone containing your Kuda Business passkey, you have several options:

  1. Use Another Device: If you've set up passkeys on multiple devices, simply use one of your other devices to access your account.

  2. Cloud Recovery: If your passkey was synced to the cloud:

    • iOS: Set up your new iPhone with the same Apple ID and enable iCloud Keychain

    • Android: Sign in to your new Android device with the same Google account and enable Google Password Manager

  3. Contact Support: If you don't have access to any device with your passkey:

    • Send a message to Kuda Business support

    • Verify your identity through alternative means

    • Support will help you regain access to your account

To prepare for this situation, we recommend setting up passkeys on multiple devices when possible.

How do I switch from Android to iPhone?

To switch from using Kuda Business with passkeys on Android to a new iPhone:

  1. Download the Kuda Business app on your new iPhone

  2. Enter your email address on the login screen

  3. Select "Sign in with Another Device"

  4. A QR code will be displayed on your iPhone

  5. Scan this QR code with your Android device

  6. Authenticate on your Android device using your existing passkey

  7. Once authenticated, you'll be signed in on your iPhone

  8. Follow the prompts to create a new passkey on your iPhone

The same process works in reverse when switching from iPhone to Android.

Can I sign in to the app with a passkey created on the web?

Yes, but you'll need to add that passkey to your mobile device first. Here's how:

  1. Go to business.kuda.com and sign in with your email and existing passkey

  2. Navigate to More > Security > Passkeys

  3. Click "Add Passkey" and choose "Use Another Device"

  4. Select your mobile device

  5. Scan the QR code with your mobile device's camera

  6. The passkey will be created and saved on your mobile device

Once completed, you can sign in to the Kuda Business app using this passkey.

Can I delete my passkey?

While technically possible, you should never delete your passkey from your device. Doing so will make it very difficult to sign in to your Kuda Business account.

If you need to reset your passkey (rather than delete it):

  1. Contact Kuda Business support through the in-app messaging feature

  2. Request a passkey reset

  3. Verify your identity through the process they provide

  4. Create a new passkey following their instructions

Instead of deleting passkeys, we recommend adding passkeys to new devices when needed while keeping your existing ones active.

Fallback and Alternative Options

Can I still use my password if I don't want a passkey?

If your device supports passkeys, Kuda Business requires you to use passkeys for authentication as they provide significantly better security. Passwords are only available as a fallback for devices that don't support passkeys due to hardware or software limitations.

This policy helps protect all Kuda Business users from the security vulnerabilities associated with passwords, which have led to account takeovers in the past.

What if my device doesn't support passkeys?

If you're using a device that doesn't support passkeys due to hardware limitations or an outdated operating system, you can:

  1. Use Legacy Authentication: Your app will default to our legacy authentication methods

  2. Update Your Device: If possible, update your device's operating system to a version that supports passkeys

  3. Use Another Device: Access your account from a supported device temporarily

  4. Consider Upgrading: For the best security and experience, consider upgrading to a device that supports passkeys

Kuda Business support can help determine the best solution for your specific situation.

What if my biometrics don't work consistently?

If you experience issues with biometric recognition (fingerprint or facial recognition):

  1. Use Your Device PIN: All devices allow you to use your device PIN as an alternative to biometrics

  2. Re-register Your Biometrics: Update your biometric data in your device settings for better recognition

  3. Add Multiple Biometrics: Register multiple fingerprints or facial appearances for more reliable recognition

  4. Check Sensor Cleanliness: Ensure fingerprint sensors are clean and cameras for facial recognition are unobstructed

Remember that biometrics are just one way to unlock your passkey - your device PIN will always work as a backup.

How do I get help with passkey issues?

If you encounter problems with passkeys that aren't addressed in our help articles:

  1. In-App Support: Send a message to Kuda Business support through the in-app messaging feature

  2. Email Support: Contact [email protected] with details about your issue

  3. Visit a Branch: For critical issues, you can visit our Kuda branch for in-person assistance

When contacting support, please provide:

  • Your full name and email address

  • Your device model and operating system version

  • A detailed description of the issue you're experiencing

  • Any error messages you've received

  • Steps you've already taken to try to resolve the issue

Additional Questions

Will passkeys work if I'm offline?

Yes, once set up, passkeys work offline for logging into the Kuda Business app. The authentication happens locally on your device. However, you'll need an internet connection to perform transactions and access account features after logging in.

How many passkeys can I have for my Kuda Business account?

You can have multiple passkeys for your Kuda Business account - typically one per device. This allows you to access your account from various devices while maintaining security.

There is no specific limit to the number of passkeys you can create, but we recommend only creating passkeys on devices you personally own and control.

What happens to my passkeys if I close my Kuda Business account?

If you close your Kuda Business account:

  1. Your passkeys will remain on your devices but will no longer work for authentication

  2. You can safely remove them from your password manager if desired

  3. If you reopen your account, you'll need to create new passkeys

Are passkeys coming to other Kuda products?

Yes, passkeys are being rolled out across all Kuda products as part of our commitment to providing the highest level of security for our customers. The specific timeline varies by product, but our goal is to implement passkeys across our entire ecosystem.

Where can I learn more about passkeys?

To learn more about passkeys technology and implementation:

  • Review our other Kuda Business passkeys help articles

  • Visit the FIDO Alliance website (fidoalliance.org)

  • Check resources from Apple, Google, or Microsoft about their passkey implementations

Did this answer your question?